Critical Webex Bugs Let "Ghost" Users Spy on Meetings

Filip TRUȚĂ

November 20, 2020

Researchers have discovered three dangerous security flaws in Cisco's popular video conferencing tool, Webex. In the researchers' words, the flaws can allow anyone to become a "ghost," joining a meeting without being detected.

Discovered by IBM's Office of the CISO, the flaws came to light after Gartner noted a considerable spike in video conferencing associated with the pandemic. Big Blue was no exception to the rule, having increased its own use of such tools, primarily Webex. Poking around the platform for bugs, the geeks at IBM discovered three nasty vulnerabilities that could allow somebody to:

  1. Join a Webex meeting as a ghost without being seen on the participant list, with full access to audio, video, chat and screen-sharing capabilities.
  2. Stay in a Webex meeting as a ghost after being expelled from it, maintaining audio connection.
  3. Gain access to information on meeting attendees — including full names, email addresses and IP addresses — from the meeting room lobby, even without being admitted to the call.

The flaws affect both scheduled meetings with unique meeting URLs and Webex Personal Rooms, with the Rooms being a bit easier to exploit "because they are often based on a predictable combination of the room owner's name and organization name," according to IBM.

Switchzilla tracks the bugs as follows:

  1. Cisco Webex Meetings and Cisco Webex Meetings Server Ghost Join Vulnerability (CVE-2020-3419)
  2. Cisco Webex Meetings and Cisco Webex Meetings Server Unauthorized Audio Information Exposure Vulnerability (CVE-2020-3471)
  3. Cisco Webex Meetings and Cisco Webex Meetings Server Information Disclosure Vulnerability (CVE-2020-3441)

All three vulnerabilities work by exploiting the handshake process that Webex uses to establish a connection between meeting participants. In the case of CVE-2020-3419, the weakness stems from the improper handling of authentication tokens by a vulnerable Webex site. To exploit CVE-2020-3471, a malicious actor would take advantage of a synchronization issue between meeting and media services on a vulnerable Webex site. And in the case of CVE-2020-3441, insufficient protection of sensitive participant information is to blame.

"A malicious actor can become a ghost by manipulating these messages during the handshake process between the Webex client application and the Webex server back-end to join or stay in a meeting without being seen by others," IBM researchers said.

The second flaw is especially worrisome, as it can allow a ghost to stay in a meeting unseen by others, even after being expelled by the host.

"We identified that we could maintain the working bidirectional audio communication while a server thought the connection from an attendee dropped, meaning the attendee disappeared from the participants panel and became a ghost," the researchers said.

Since their discovery, Cisco has addressed these vulnerabilities. The cloud-hosted "sites" component has already been fixed on Cisco's side, but users of Cisco Webex Meetings Server must install 3.0MR3 Security Patch 5 or 4.0MR3 Security Patch 4 to close these holes. The advisories also mention the Webex Meetings apps for iOS and Android as being affected, so be sure to download and install the latest version of those as well.
